State Methods for a Cyber Incident   [open pdf - 776KB]

From the thesis abstract: "The National Cyber Incident Response Plan stipulates the state homeland security advisor as the contact point for a significant cyber incident. But this may not be the most effective method of response because the state homeland security advisors are not domain experts for cyberspace. A questionnaire was sent to state chief information officers and/or state chief information security officers to determine current capability and procedures for responding to a national cybersecurity incident. Nineteen states replied with 227 responses relating to information sharing between states and the federal government; use of established cybersecurity event and response definitions, coordination and control mechanisms, and terms; use of risk-based approaches to cyber incident planning, including remediation based on workflows and procedures; establishment of thresholds when predefined boundaries are crossed; and instigation of varying courses of action. As a result of the survey, the author recommends increasing knowledge and information flow between state and federal agencies regarding national cyber incidents; the establishment of regional cybersecurity hubs throughout the nation; and the creation of a national cyber incident teleconferencing network and prearranged protocols for situational awareness and communication of courses of action following a cybersecurity incident."

Public Domain
Retrieved From:
Naval Postgraduate School, Dudley Knox Library: http://www.nps.edu/Library/index.aspx
Media Type:
Cohort NCR1003/1004
Help with citations